Privacy & data
Protected customer data
Safety Label is Level 0: it works only with your product catalog and theme to collect and display GPSR safety data. It never reads orders, customers, or checkouts.
PCD LEVEL 0
What Safety Label accesses
read_products
Product titles, descriptions and existing safety metafields — used to audit GPSR completeness and to ground AI drafts in your own product text.
write_products
Writes the safety data you enter or approve back to the product's safetylabel metafields. Every write is snapshotted and reversible.
read_metaobjects / write_metaobjects
Stores reusable manufacturer / EU-Responsible-Person records so you can attach one entity to many products without retyping.
read_themes
Detects whether the Safety Label theme app-embed is enabled, so we can show an honest "displayed on storefront ✓" instead of guessing. Read-only.
What Safety Label never accesses
Orders, customers, checkouts, or any personally identifiable customer data. Safety Label does not request read_orders, read_customers or related scopes — it is structurally unable to read them.
How your data is handled
- Zero-retention AI: when you use AI auto-fill, your product text is sent to the model to draft safety fields and is never logged or retained; only coarse, non-content metadata (token counts, latency) is recorded.
- Grounded extraction: AI drafts are constrained to text found in your own product data — the app discards any value it cannot ground in your source.
- Encrypted at rest: Shopify access tokens are stored with AES-256-GCM encryption.
- Deleted on uninstall: on app uninstall and on a Shopify shop-redaction request, all of your data is removed.
Honesty
The GPSR compliance score measures how complete your product's safety data is against the required fields — it is not legal advice or a determination that a product is compliant or safe. You are responsible for the accuracy of the data you enter.